Today I lost all my passwords on one of my synced PCs when migrating configs semi-automatically :)
As you can see -- I have a (non-obviously) redundant `pass open` here:
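```bash
set -eu
tmp=~/.password-store_tmp
# Move any existing store out of the way
[[ -d ~/.password-store ]] && mv -vT ~/.password-store "$tmp"
# Create the tomb for the password store, with a 2h auto-close timer
pass tomb "$gpgid" --timer=2h
pass open
pass git init
# Copy the old store contents back, then delete the temporary copy
[[ -d $tmp ]] && cp -aT "$tmp"/. ~/.password-store && rm -rf "$tmp"
pass close
pass open
```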
Which resulted in a temporary situation of having two loop devices mounted one on top of another:
```
/dev/mapper/tomb..password.1566943678.loop0 on /home/user/.password-store type ext4 (rw,nodev,noatime)
/dev/mapper/tomb..password.1566944186.loop2 on /home/user/.password-store type ext4 (rw,nodev,noatime)
```
And after `pass close` everything written into the overlaid mount of `loop2` was lost (no `pass git init`, no copied passwords, only a virgin `pass init`).
I don't think this situation is acceptable. I would even say it's critically disastrous.
Why does pass-tomb allow opening something twice at all?
Look how it messed up my dmesg:
```
[ 5875.693475] EXT4-fs (dm-4): mounted filesystem with ordered data mode. Opts: (null)
[ 5879.012068] EXT4-fs (dm-6): mounted filesystem with ordered data mode. Opts: (null)
[ 5879.394609] EXT4-fs error (device dm-4): ext4_validate_block_bitmap:376: comm kworker/u16:11: bg 0: bad block bitmap checksum
[ 5879.407010] EXT4-fs (dm-4): Delayed block allocation failed for inode 12 at logical offset 0 with max blocks 1 with error 74
[ 5879.407017] EXT4-fs (dm-4): This should not happen!! Data will be lost
[ 5883.290629] EXT4-fs (dm-4): mounted filesystem with ordered data mode. Opts: (null)
```
Moreover, it hinders automation of other scripts -- I would like it if neomutt on startup tried to open the tomb unconditionally and only then queried the password from the db. Because otherwise my workflow looks like -- "try running neomutt", "fail", "visually check tomb is opened (to prevent overlays)", "open if not (unconditional `pass open` results in problem above)", "try running neomutt again". It's horrendous. Especially horrendous is the use case with a timeout, when you never know at which moment something will silently break, instead of a simple password prompt at the appropriate moment.
P.S. I know `rm` was a bad decision and I removed it already. However, it won't save anybody from a manual error with `loop2` anyway, because you see the files until... you close it.
Also, I use git only for versioning, not for sync, so no concerns here.
By the way, why does it require `sudo` at all? Won't `fuse` be enough to accomplish mounting without a `sudo` prompt each time?
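
Added example, not part of the original post and not pass-tomb's own code: a guard a calling script can run before `pass open`, which counts the filesystems mounted on the store and refuses to stack another one. The function names, the default store path and the optional mounts-file argument (used here so the check can be exercised on a constructed mount table) are assumptions.

```shell
#!/bin/sh
# Added example (not pass-tomb code): make "pass open" idempotent.
# count_mounts, tomb_state and open_once are hypothetical helper names.

# count_mounts TARGET [MOUNTS_FILE]: number of filesystems mounted exactly on
# TARGET. MOUNTS_FILE is in /proc/self/mounts format (device, mountpoint, ...).
count_mounts() (
    target=$1
    n=0
    while read -r dev mnt rest; do
        mnt=$(printf '%b' "$mnt")   # decode octal escapes such as \040 (space)
        if [ "$mnt" = "$target" ]; then n=$((n + 1)); fi
    done < "${2:-/proc/self/mounts}"
    echo "$n"
)

# tomb_state TARGET [MOUNTS_FILE]: prints closed, open or stacked.
tomb_state() {
    case $(count_mounts "$@") in
        0) echo closed ;;
        1) echo open ;;
        *) echo stacked ;;
    esac
}

# open_once [MOUNTS_FILE]: call "pass open" only when nothing is mounted on
# the store; refuse to continue when mounts are already stacked.
open_once() {
    store=${PASSWORD_STORE_DIR:-$HOME/.password-store}
    case $(tomb_state "$store" "$@") in
        closed) pass open ;;
        open) return 0 ;;
        stacked)
            echo "refusing: more than one filesystem on $store" >&2
            return 1 ;;
    esac
}
```

A launcher can source this and run `open_once && neomutt`, so an already open tomb is reused instead of being mounted over.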